Adopting this policy and supporting the move to protected networks would be a large step toward mitigating attacks on campus. It is also inline with a larger University goal to secure the wired and wireless networks.

Equipment moved to a Protected Network is no longer subject to attacks or scans from malicious entities on the Internet. This solution will also allow us to secure departmental systems with a simple modification to the network that requires little work on the part of local IT staff and no action on the part of the customer.

With this transition, we are able to enforce a simple, yet effective, security policy to customer equipment protecting these devices from outside threats. At the same time, it allows unrestricted access to the rest of campus and the Internet.

What types of devices should we move to the Protected Network?As we move towards applying a more consistent security model for our campus networks, departmental equipment should be secured from the Internet. These could include:

Currently, certain types of remote access to equipment from off-campus require the use of the VPN (Virtual Private Network) client provided by Comtech. Once the network has been transitioned, the VPN client must be used for all remote access.

After the transition, what happens if remote access to my device from off-campus is required?

If the access is required for NCSU affiliated individuals they may use the NCSU VPN provided by ComTech. If the access is required by non-NCSU affiliated individuals then the device will need to be transitioned out of the Protected Network and into an Unprotected Network.

How does this move impact me?During the scheduled maintenance window for this move, there will be a brief interruption of all network services of approximately 10 minutes. Once the network is moved to the new environment, we would work with local IT support to ensure all needed access is available.

Your local IT support is your first point of contact if there is an issue with your system connectivity. In the event that some access has been removed for a particular system, we would work quickly with the local IT support to resolve the issue.

Most traffic originates from the Client PC to an external host. Traffic originating from off-campus to our client PCs is not the typical flow of traffic. Although we will work with the local IT support to determine the departmental applications used, there may be applications or devices that may not work as expected. If this happens we will work with the local IT support to resolve the issue.

Can rules be added to a Protected Network to allow access to my connected devices?

Your local IT support is your first point of contact if there is an issue with your system connectivity. In the event that some access has No. Due to the broad and general use of the Protected Network, no additional security exceptions will be added to support connectivity to a specific device. If a device needs to be accessed from off-campus by a non-NCSU affiliated entity, then the device will need to be moved to an Unprotected Network.